Home / / Middle East organisations use threat intelligence to shoot down cyber-attacks

Middle East organisations use threat intelligence to shoot down cyber-attacks

Advanced cyber-attacks target confidential corporate data, business critical IP and valuable customer information

Middle East organisations use threat intelligence to shoot down cyber-attacks
After researching into the organisation, attackers will begin the threat with a phishing email, hoping to trick an employee into clicking on a malicious link or downloading a malware-ridden attachment.

Advanced targeted attacks represent one of the biggest threats to organisations across the Middle East, according to a new report from Trend Micro Incorporated.

Confidential corporate data, business critical IP and valuable customer information are all potentially at risk from this new type of attack the report said.

"Preventing exposure of these enterprise 'crown jewels' has become a major priority for IT and business leaders. One of the best ways of doing so is to build reliable threat intelligence so that expert teams can spot advanced threats early on and deal with them appropriately."

According to the report, after researching into the organisation, attackers will begin the threat with a phishing email, hoping to trick an employee into clicking on a malicious link or downloading a malware-ridden attachment. Once inside the corporate network, the attacker will search for the assets they wish to steal. Such attacks can lay hidden for weeks, months or even years, exfiltrating data and sending it out to the attackers over time.

The report says that registry changes, file changes, event log entries, service changes, and mutexes are all tell-tale signs of a breach and monitoring in and out-bound traffic, could yield indicators of compromise such as domains or IP addresses related to a command and control (C&C) servers, or use of unusual ports and protocols on critical systems.

Even though zero-day exploits and customised malware can be used in such attacks, organisations can still detect attacker activity by monitoring network traffic closely, because C&C protocols tend to remain relatively consistent. Trend Micro advises that threat intelligence programs are a vital tactic in spotting and blocking such attacks.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.

CHANNEL AWARD 2018